Skip to content

Instantly share code, notes, and snippets.

@ABeltramo

ABeltramo/Readme.md

Created February 1, 2023 15:08
Show Gist options
  • Save ABeltramo/6e7dbf3266092af689ee96fe76fed557 to your computer and use it in GitHub Desktop.
Save ABeltramo/6e7dbf3266092af689ee96fe76fed557 to your computer and use it in GitHub Desktop.
Download ZIP
Docker clean old versions
Raw
Readme.md

I need to delete all docker tags older than a date X in order to cleanup the registry; so I've changed the list action from https://github.com/byrnedo/docker-reg-tool so that it includes the date following https://stackoverflow.com/questions/32605556/how-to-find-the-creation-date-of-an-image-in-a-private-docker-registry-api-v2

Then, I've made a second step clean process so that I can manually check it:

./docker_reg_tool <REGISTRY> list <REPO> > versions.txt
./docker_clean

Remember to also run in the docker registry:

registry garbage-collect -m=true /etc/docker/registry/config.yml
Raw
docker_clean.sh
#!/bin/bash
sort -t '"' -k 2 versions.txt | head -n 400 | while read version
do
tag=(${version//-/ })
./docker_reg_tool http://registry.cbox delete aimi ${tag[0]}
done
Raw
docker_reg_tool.sh
#!/bin/bash
set -eo pipefail
CMD=$0
function isTruthy {
local arg=$1
if [[ "$arg" = true ]] || [[ "$arg" = "true" ]] || [[ "$arg" -eq 1 ]]; then
echo "true"
fi
}
if [[ ${TRACE} ]] && [[ $(isTruthy "$TRACE") ]]; then
set -x
fi
function usage {
cat <<EOU
Usage:
$CMD REGISTRY_BASE_URL ACTION [OPTIONS..]
Actions:
- list list repos
- list REPO list tags for repo
- delete REPO TAG delete tag for repo
Example:
List all repos
/$ $CMD https://registry.my.domain list
List tags for one repo
/$ $CMD https://registry.my.domain list some-repo
Delete tag for a repo
/$ $CMD https://registry.my.domain delete some-repo some-tag
EOU
exit 1
}
[ $# -lt 2 ] && usage
set +e
PROTO="$(echo $1 | grep :// | sed -e's,^\(.*://\).*,\1,g')"
set -e
[ -z "$PROTO" ] && >&2 echo "ERROR: Must have protocol in registry url" && usage
# remove the protocol
REG="$(echo ${1/$PROTO/})"
shift
ACTION="$1"
shift
CREDS=""
DOCKER_CONFIG="$HOME/.docker/config.json"
if [[ ${BASIC_AUTH} ]]; then
CREDS="Authorization: Basic $(echo -n $BASIC_AUTH|base64)"
elif [[ -f "$DOCKER_CONFIG" ]]; then
AUTH_INFO=$(jq -r '.auths["'$REG'"].auth' < "$DOCKER_CONFIG")
if [ "$AUTH_INFO" = "null" ]; then
AUTH_INFO=$(jq -r '.auths."'$PROTO$REG'".auth' < "$DOCKER_CONFIG")
if [ "$AUTH_INFO" = "null" ]; then
echo "ERROR: Failed to retrieve credentials from $DOCKER_CONFIG for ${REG}!"
exit 4
fi
fi
CREDS="Authorization: Basic $AUTH_INFO"
fi
SEC_FLAG=""
if [[ ${INSECURE_REGISTRY} ]] && [[ $(isTruthy "$INSECURE_REGISTRY") ]]; then
SEC_FLAG="-k"
fi
function curlCmd {
curl "$SEC_FLAG" --header "$CREDS" $*
}
case "$ACTION" in
list)
if [ $# -eq 1 ]; then
repo=${1}
if [ -n "$repo" ]; then
tags=$(curlCmd -s "$PROTO$REG/v2/$repo/tags/list" | jq -r '.tags|.[]')
for tag in $tags:
do
created=$(curlCmd -s "$PROTO$REG/v2/$repo/manifests/$tag" | jq -r '.history[].v1Compatibility' | jq '.created' | sort | tail -n1 )
echo "${tag} - ${created}"
done
fi
else
curlCmd -s "$PROTO$REG/v2/_catalog?n=500" | jq -r '.repositories|.[]'
fi
;;
delete)
repo=$1
tag=$2
response=$(curlCmd -v -s -H "Accept:application/vnd.docker.distribution.manifest.v2+json" "$PROTO$REG/v2/$repo/manifests/$tag" 2>&1)
digest=$(echo "$response" | grep -i "< Docker-Content-Digest:"|awk '{print $3}' || echo "")
[ -z "$digest" ] &&
response=$(curlCmd -v -s -H "Accept:application/vnd.oci.image.manifest.v1+json" "$PROTO$REG/v2/$repo/manifests/$tag" 2>&1) &&
digest=$(echo "$response" | grep -i "< Docker-Content-Digest:"|awk '{print $3}')
digest=${digest//[$'\t\r\n']}
echo "DIGEST: $digest"
result=$(curlCmd -s -o /dev/null -w "%{http_code}" -H "Accept:application/vnd.docker.distribution.manifest.v2+json" -X DELETE "$PROTO$REG/v2/$repo/manifests/$digest")
if [ "$result" -eq 202 ]; then
echo "Successfully deleted"
exit 0
else
echo "Failed to delete: $result"
exit 3
fi
;;
esac
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment